From 76811c8a7f8ff6d7c7b33ea032116d7fdf4fa456 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Lesimple?= Date: Tue, 19 Apr 2016 19:26:04 +0200 Subject: [PATCH] add --audit-all option --- bin/hardening.sh | 7 +++++++ lib/main.sh | 4 ++++ 2 files changed, 11 insertions(+) diff --git a/bin/hardening.sh b/bin/hardening.sh index 6c48c0d..9b0185b 100755 --- a/bin/hardening.sh +++ b/bin/hardening.sh @@ -18,6 +18,7 @@ TOTAL_CHECKS=0 TOTAL_TREATED_CHECKS=0 AUDIT=0 APPLY=0 +AUDIT_ALL=0 usage() { cat << EOF @@ -40,6 +41,9 @@ while [[ $# > 0 ]]; do --audit) AUDIT=1 ;; + --audit-all) + AUDIT_ALL=1 + ;; --apply) APPLY=1 ;; @@ -76,6 +80,9 @@ for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh | sort -V); do if [ $AUDIT = 1 ]; then debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit" $SCRIPT --audit + elif [ $AUDIT_ALL = 1 ]; then + debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit-all" + $SCRIPT --audit-all elif [ $APPLY = 1 ]; then debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT" $SCRIPT diff --git a/lib/main.sh b/lib/main.sh index 5c1497c..7808f28 100644 --- a/lib/main.sh +++ b/lib/main.sh @@ -26,6 +26,10 @@ fi while [[ $# > 0 ]]; do ARG="$1" case $ARG in + --audit-all) + debug "Audit all specified, setting status to audit regardless of configuration" + status=audit + ;; --audit) if [ $status != 'disabled' -a $status != 'false' ]; then debug "Audit argument detected, setting status to audit"